The Basics of Digital Forensics:

Author: John Sammons
Publisher: Syngress
Pages: 208
ISBN: 978-1597496612
Audience: Potential professional forensic experts
Rating: 4
Reviewer: Lucy Black 

Digital forensics sounds both important and interesting - and so it is, but can this book teach you the basics in around 170 pages?

It all depends what you mean by basics. Some years ago I took a University course in forensics - mostly because CSI made it look super cool. It started with a long discussion of "chain of custody" and other matters of book-keeping necessary to forensic procedure. Needless to say, it wasn't CSI, even though we did get on to more techie topics later. This book is a bit like that course, but it doesn't really get on to any techie topics in any depth.

 


Chapter 1 is an introduction to forensics and more importantly an account of the professional aspects of the task including an introduction to US organizations concerned with the subject. It even mentions the CSI effect that I fell victim to.

Chapter 2 is called "Key Technical Concepts" - they may be key but they are very basic. If you are a programmer, and programmers would make good Digital Forensic investigators, then you should know all of this: what is a byte, hex, ASCII, Unicode, types of storage and so on. You might not know some of the stuff about file systems and how data isn't actually erased, but you probably should. The book doesn't give any practical advice about how to recover data. It is more like an overview of what might be possible.

The next chapter is on labs and tools and this is more practical, but again it is focused on matters like how you can trust a tool. Then on to collecting evidence, which was a set of ideas familiar to me from my forensics course but with a lot of customization to the digital world. If you don't know forensic procedures, this and much of the book up to this point will be useful to you.

 


Chapter 5 gets more technically specific in that it looks at Windows systems and the particular opportunities that these offer - recovering data, the registry, restore points, link files and so on. Chapter 6 looks at anti-forensics, i.e. how people might try to cover up what they are doing so that you can't find out. This more or less just lists the possible approaches with brief descriptions. As with much of the book, the technical details are the bare minimum.

Chapter 6 is about legal aspects and it is 100% US oriented - the Fourth Amendment, criminal law, searching with a warrant. No consideration is given to the problems of worldwide legal systems or working in different jurisdictions - and this isn't unreasonable as it would have made the book difficult to write and huge.

Chapter 8 moves back to the technology again with Internet and email. Here the examples are Windows based once again. It covers non-technical issues such as the status of email as evidence and so on. The next chapter is on network protocols and, of course, being so short it hardly scratches the surface. Chapter 10 deals with mobile, including GPS.

The final chapter is a bit of a round-up and a look at the new technologies like solid state disks and cloud computing. Not really cutting edge, but you might expect the forensic aspects of these technologies to advance more slowly than the technologies themselves.

Overall this is a reasonably good read if you want to know about what you might call the professional or book-keeping side of digital forensics. It does introduce some of the technological problems, but more so that you have a general picture of the sorts of things you might have to deal with. It makes no attempt to make you an expert or even practically capable in these areas. The intention seems to be to just orient the complete beginner. As such the book works - but if you are a techie, beware of its low information content. If you know anything about hacking you might be disappointed by the low-level approach.

 


Last Updated ( Sunday, 29 December 2013 )